Ok i came back home, vent to internet and see. Some Bosnian hackers hacked my php nuke. I cant belive it. Ok they removed all my adminiastrators, deleted all news and deactivated all modules. Also they removed my messages on index.

So what can i do? I have some security copyes and i will insert news, but how to prevent another hacking atack? I never update my nuke. I thought that is unnecessery but now i see. I need some Security fixes.

Please help me!

Evaders99Site Admin

Joined: Aug 17, 2003
Posts: 12482

Posted:
Wed Apr 27, 2005 3:39 pm

phpNuke (like any other popular use software) requires a vigilant admin, it will need updating.

just wondering, if someone 'hacks' your web site, what are they really doing?

from what i read, this is what a 'hacker' is limited to:
- deactive/delete blocks (but the blocks are still in the FTP right?)
- change the index.php around so it points to forums instead of news?
- edit the preference section

so really, if someone keeps a good backup, a hacker really can't do much except superficailly right?

every week I do a full backup of my html folder .. is that good enough? and what do i do if I have a backup of my db for my site and forums? how do i upload them once i get my site back up? thanks.

Evaders99Site Admin

Joined: Aug 17, 2003
Posts: 12482

Posted:
Mon May 09, 2005 7:02 pm

Mostly SQL based attacks are designed to take control of the Nuke admin. Then they write whatever messages they want on your site, or redirect to another site, that sort of thing. These are mostly kiddy script hackers, doing it for attention and noise.

The serious hackers can do numerous things on your server. They can gain server admin access, run all kinds of server scripts, even install their own scripts. They can basically take your server as their own, use it as a robot to take down other sites.

I'm not saying phpNuke itself is generally vulnerable, any web script is a target to be hacked. For the most part, you probably won't see serious hackers against your site.. mostly they target commercial, well known sites for attention and profit.

Mostly SQL based attacks are designed to take control of the Nuke admin. Then they write whatever messages they want on your site, or redirect to another site, that sort of thing. These are mostly kiddy script hackers, doing it for attention and noise.

The serious hackers can do numerous things on your server. They can gain server admin access, run all kinds of server scripts, even install their own scripts. They can basically take your server as their own, use it as a robot to take down other sites.

I'm not saying phpNuke itself is generally vulnerable, any web script is a target to be hacked. For the most part, you probably won't see serious hackers against your site.. mostly they target commercial, well known sites for attention and profit.

Just keep vigilant.

You're right. Who would spend the time and effort to hack a personal page? I'm still a newb when it comes to PHPNuke, but all my News, Comments, and Forum Posts are all stored in MySQL server and thats untouchable to the hacker even if he knows my PHPNuke pw right? There's no function in PHPNuke called format database, only backup db right?

gettopreachermanLieutenant

Joined: Jan 13, 2005
Posts: 262

Posted:
Tue May 10, 2005 5:21 am

If you know the db structure of nuke, then it's pretty easy...you just have to get:

DELETE FROM *table* and your table is gone...

Evaders99Site Admin

Joined: Aug 17, 2003
Posts: 12482

Posted:
Tue May 10, 2005 9:13 pm

From the Nuke interface, no - there's no direct way to delete entire tables. But if they're clever with their SQL hacks, then can push through SQL statements that will be run to do it (such commands as above)

From the Nuke interface, no - there's no direct way to delete entire tables. But if they're clever with their SQL hacks, then can push through SQL statements that will be run to do it (such commands as above)

Thanks for the clear up, I was wondering what the heck he was talking about